AMENDMENTS TO THE CLAIMS 

This listing of claims will replace all prior versions, and listings, of claims 
in the application: 

1 1 . (Currently amended) A method for managing a database system, 

2 wherein the database system has a plurality hierarchy of system administrators, 

3 comprising: 

4 receiving a command to perform an administrative function involving an 

5 object defined within the database system; 

6 determining if the object is a sensitive object that is associated with 

7 security functions in the database system, wherein the sensitive object is encrypted 

8 in the database system, wherein the sensitive object can include a sensitive row 

9 within a table in the database system, wherein the sensitive row contains sensitive 

10 data, and wherein other rows in the table need not contain sensitive data; 

1 1 wherein the sensitive object can include one of: 

12 a sensitive table containing sensitive data in the database 

13 system, and 

14 an object that represents a sensitive user of the database 

15 system who is empowered to access sensitive data; 

1 6 wherein at least one of the plurality of system administrators in the 

1 7 hierarchy of system administrators is a security officer who can perform 

18 administrative functions on sensitive objects; 

1 9 wherein a ft system administrator in the plurality hierarchy of system 

20 administrators who is not a security officer cannot become a sensitive user and 

21 thereby obtain access to sensitive objects indirectly; 

22 if the object is not a sensitive object, and if the command to perform an 

23 administrative function is received from- aa system administrator who is not a 

24 security officer, allowing the administrative function to proceed; and 
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25 if the object is a sensitive object, and if the command is received from an 

26 system administrator who is not a security officer, disallowing the administrative 

27 function. 



1 2. (Previously presented) The method of claim 1, further comprising: 

2 receiving a request to perform an operation on a data item in the database 

3 system; 

4 if the data item is a sensitive data item containing sensitive information 

5 and if the request is received from a sensitive user who is empowered to access 

6 sensitive data, allowing the operation to proceed if the sensitive user has access 

7 rights to the sensitive data item; and 

8 if the data item is a sensitive data item and the request is received from a 

9 user who is not a sensitive user, disallowing the operation. 

1 3. (Original) The method of claim 2, wherein if the data item is a sensitive 

2 data item, if the operation is allowed to proceed, and if the operation involves 

3 retrieval of the data item, the method further comprises decrypting the data item 

4 using an encryption key after the data item is retrieved. 

1 4. (Original) The method of claim 3, wherein the encryption key is stored 

2 along with a table containing the data item. 

1 5. (Original) The method of claim 4, wherein the encryption key is stored 

2 in encrypted form. 



1 6 (Canceled). 

3 
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1 7. (Original) The method of claim 1, wherein if the object is not a sensitive 

2 object, and if the command to perform the administrative function is received 

3 from a security officer, the method further comprises allowing the security officer 

4 to perform the administrative function on the object. 

1 8. (Original) The method of claim 1, 

2 wherein the database system includes a number of sensitive data items; 

3 and 

4 wherein only specific sensitive users are allowed to access a given 

5 sensitive data item. 

1 9. (Currently amended) A computer-readable storage medium storing 

2 instructions that when executed by a computer cause the computer to perform a 

3 method for managing a database system, wherein the database system has a 

4 plurality hierarchy of system administrators, the method comprising: 

5 receiving a command to perform an administrative function involving an 

6 object defined within the database system; 

7 determining if the object is a sensitive object that is associated with 

8 security functions in the database system, wherein the sensitive object is encrypted 

9 in the database system, wherein the sensitive object can include a sensitive row 

10 within a table in the database system, wherein the sensitive row contains sensitive 

1 1 data, and wherein other rows in the table need not contain sensitive data; 

12 wherein the sensitive object can include one of: 

13 a sensitive table containing sensitive data in the database 

14 system, and 

1 5 an object that represents a sensitive user of the database 

16 system who is empowered to access sensitive data; 

4 
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1 7 wherein at least one of the plurality of system administrators in the 

1 8 hierarchy of system administrators is a security officer who can perform 

19 administrative functions on sensitive objects; 

20 wherein m system administrator in the plurality hierarchy of system 

21 administrators who is not a security officer cannot become a sensitive user and 

22 thereby obtain access to sensitive objects indirectly; 

23 if the object is not a sensitive object, and if the command is received from 

24 an system administrator who is not a security officer, allowing the administrative 

25 function to proceed; and 

26 if the object is a sensitive object, and if the command is received from an 

27 system administrator syst e m who is not a security officer, disallowing the 

28 administrative function. 

1 10. (Previously presented) The computer-readable storage medium of 

2 claim 9, wherein the method further comprises: 

3 receiving a request to perform an operation on a data item in the database 

4 system; 

5 if the data item is a sensitive data item containing sensitive information 

6 and if the request is received from a sensitive user who is empowered to access 

7 sensitive data, allowing the operation to proceed if the sensitive user has access 

8 rights to the sensitive data item; and 

9 if the data item is a sensitive data item and the request is received from a 
10 user system who is not a sensitive user, disallowing the operation. 

1 11. (Original) The computer-readable storage medium of claim 1 0, 

2 wherein if the data item is a sensitive data item, if the operation is allowed to 

3 proceed, and if the operation involves retrieval of the data item, the method 

5 
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4 further comprises decrypting the data item using an encryption key after the data 

5 item is retrieved. 

1 12. (Original) The computer-readable storage medium of claim 11, 

2 wherein the encryption key is stored along with a table containing the data item. 

1 13. (Original) The computer-readable storage medium of claim 12, 

2 wherein the encryption key is stored in encrypted form. 

1 14 (Canceled). 

1 15. (Original) The computer-readable storage medium of claim 9, wherein 

2 if the object is not a sensitive object, and if the command to perform the 

3 administrative function is received from a security officer, the method further 

4 comprises allowing the security officer to perform the administrative function. 

1 16. (Original) The computer-readable storage medium of claim 9, 

2 wherein the database system includes a number of sensitive data items; 

3 and 

4 wherein only specific sensitive users are allowed to access a given 

5 sensitive data item. 

1 1 7. (Currently amended) An apparatus for managing a database system, 

2 wherein the database system has a plurality hierarchy of system administrators, 

3 comprising: 



6 
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4 a command receiving mechanism that is configured to receive a command 

5 to perform an administrative function involving an object defined within the 

6 database system; 

7 an execution mechanism that is configured to, 

8 determine if the object is a sensitive object that is 

9 associated with security functions in the database system, wherein 

10 the sensitive object is encrypted in the database system, wherein 

1 1 the sensitive object can include a sensitive row within a table in the 

12 database system, wherein the sensitive row contains sensitive data, 

13 and wherein other rows in the table need not contain sensitive data, 

14 wherein the sensitive object can include one of: 

1 5 a sensitive table containing sensitive data in 

16 the database system, and 

1 7 an object that represents a sensitive user of 

1 8 the database system who is empowered to access 

19 sensitive data; 

20 wherein at least one of the plurality of system administrators in the 

21 hierarchy of system administrators is a security officer who can perform 

22 administrative functions on sensitive objects; 

23 wherein an system administrator in the plurality hierarchy of system 

24 administrators who is not a security officer cannot become a sensitive user and 

25 thereby obtain access to sensitive objects indirectly; 

26 allow the administrative function to proceed, if the object is 

27 not a sensitive object, and if the command is received from an 

28 system administrator who is not a security officer, and to 



7 
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29 disallow the administrative function, if the object is the 

30 sensitive object, and if the command is received from an system 

3 1 administrator who is not a security officer. 



1 18. (Previously presented) The apparatus of claim 1 7, 

2 wherein the command receiving mechanism is configured to receive a 

3 request to perform an operation on a data item in the database system; 

4 wherein the execution mechanism is configured to, 

5 allow the operation to proceed, if the data item is a 

6 sensitive data item, if the request is received from a sensitive user 

7 who is empowered to access sensitive data, and if the sensitive user 

8 has access rights to the sensitive data item, and to 

9 disallow the operation, if the data item is a sensitive data 

10 item, and if the request is received from a user who is not a 

1 1 sensitive user. 



1 19. (Original) The apparatus of claim 18, further comprising a decryption 

2 mechanism, wherein if the data item is a sensitive data item, if the operation is 

3 allowed to proceed, and if the operation involves retrieval of the data item, the 

4 decryption mechanism is configured to decrypt the data item using an encryption 

5 key after the data item is retrieved 



1 20. (Original) The apparatus of claim 19, wherein the encryption key is 

2 stored along with a table containing the data item. 

1 21 . (Original) The apparatus of claim 20, wherein the encryption key is 

2 stored in encrypted form. 

8 
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1 



22 (Canceled). 



1 23. (Original) The apparatus of claim 17, wherein if the object is not a 

2 sensitive object, and if the command to perform the administrative function is 

3 received from a security officer, the execution mechanism is configured to allow 

4 the security officer to perform the administrative function. 

1 24. (Original) The apparatus of claim 1 7, 

2 wherein the database system includes a number of sensitive data items; 

3 and 

4 wherein only specific sensitive users are allowed to access a given 

5 sensitive data item. 

1 25. (Currently amended) A method for managing a database system, 

2 comprising: 

3 receiving a command to perform an administrative function involving an 

4 object defined within the database system; 

5 determining if the object is a sensitive object that is associated with 

6 security functions in the database system; 

7 wherein at least one of the plurality system administrators in a hierarchy 

8 of system administrators is a security officer who can perform administrative 

9 functions on sensitive objects; 

1 0 wherein aa system administrator in the plurality hierarchy of system 

1 1 administrators who is not a security officer cannot become a sensitive user and 

12 thereby obtain access to sensitive objects indirectly; 



9 
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13 if the object is not a sensitive object, and if the command is received from 

14 a databas e system administrator who is not a security officer, allowing the 

1 5 administrative function to proceed; and 

16 if the object is a sensitive object, and if the command is received from a 

17 system administrator who is not a security officer, disallowing the administrative 

18 function. 



1 26. (Previously presented) The method of claim 25, further comprising: 

2 receiving a request to perform an operation on a data item in the database 

3 system; 

4 if the data item is a sensitive data item containing sensitive information 

5 and if the request is received from a sensitive user who is empowered to access 

6 sensitive data, allowing the operation to proceed if the sensitive user has access 

7 rights to the sensitive data item; and 

8 if the data item is a sensitive data item and the request is received from a 

9 user who is not a sensitive user, disallowing the operation. 

1 27. (Previously presented) The method of claim 26, wherein if the data 

2 item is a sensitive data item, if the operation is allowed to proceed, and if the 

3 operation involves retrieval of the data item, the method further comprises 

4 decrypting the data item using an encryption key after the data item is retrieved. 

1 28. (Previously presented) The method of claim 27, wherein the encryption 

2 key is stored along with a table containing the data item. 

1 29. (Previously presented) The method of claim 28, wherein the encryption 

2 key is stored in encrypted form. 

10 
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1 30. (Previously presented) The method of claim 25, wherein the sensitive 

2 object can include one of: 

3 a sensitive table containing sensitive data in the database system; 

4 a sensitive row within a table in the database system, wherein the sensitive 

5 row contains sensitive data; and 

6 an object that represents a sensitive user of the database system who is 

7 empowered to access sensitive data. 

1 31. (Previously presented) The method of claim 25, wherein if the object is 

2 not a sensitive object, and if the command to perform the administrative function 

3 is received from a security officer, the method further comprises allowing the 

4 security officer to perform the administrative function on the object. 

1 32. (Previously presented) The method of claim 25, 

2 wherein the database system includes a number of sensitive data items; 

3 and 

4 wherein only specific sensitive users are allowed to access a given 

5 sensitive data item. 

1 33. (Currently amended) A computer-readable storage medium storing 

2 instructions that when executed by a computer cause the computer to perform a 

3 method for managing a database system, the method comprising: 

4 receiving a command to perform an administrative function involving an 

5 object defined within the database system; 

6 determining if the object is a sensitive object that is associated with 

7 security functions in the database system; 

11 



LS V:\Oracle Corporation\OR00-l4001\Amendment E OROO-14001 (LAXMAN).doc 



8 wherein at least one of the plural ity of system administrators in a hierarchy 

9 of system administrators is a security officer who can perform administrative 

1 0 functions on sensitive objects; 

1 1 wherein an system administrator in the plurality hierarchy of system . 

12 administrators who is not a security officer cannot become a sensitive user and 

1 3 thereby obtain access to sensitive objects indirectly; 

14 if the object is not a sensitive object, and if the command is received from 

15 a databas e system administrator who is not a security officer, allowing the 

16 administrative function to proceed; and 

17 if the object is a sensitive object, and if the command is received from a 

18 system administrator who is not a security officer, disallowing the administrative 

19 function. 



1 34. (Previously presented) The computer-readable storage medium of 

2 claim 33, wherein the method further comprises: 

3 receiving a request to perform an operation on a data item in the database 

4 system; 

5 if the data item is a sensitive data item containing sensitive information 

6 and if the request is received from a sensitive user who is empowered to access 

7 sensitive data, allowing the operation to proceed if the sensitive user has access 

8 rights to the sensitive data item; and 

9 if the data item is a sensitive data item and the request is received from a 
10 user who is not a sensitive user, disallowing the operation. 

1 35. (Previously presented) The computer-readable storage medium of 

2 claim 34, wherein if the data item is a sensitive data item, if the operation is 

3 allowed to proceed, and if the operation involves retrieval of the data item, the 

12 
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4 method further comprises decrypting the data item using an encryption key after 

5 the data item is retrieved. 



1 36. (Previously presented) The computer-readable storage medium of 

2 claim 35, wherein the encryption key is stored along with a table containing the 

3 data item. 

1 37. (Previously presented) The computer-readable storage medium of 

2 claim 36, wherein the encryption key is stored in encrypted form. 

1 38. (Previously presented) The computer-readable storage medium of 

2 claim 33, wherein the sensitive object can include one of: 

3 a sensitive table containing sensitive data in the database system; 

4 a sensitive row within a table in the database system, wherein the sensitive 

5 row contains sensitive data; and 

6 an object that represents a sensitive user of the database system who is 

7 empowered to access sensitive data. 

1 39. (Previously presented) The computer-readable storage medium of 



2 claim 33, wherein if the object is not a sensitive object, and if the command to 

3 perform the administrative function is received from a security officer, the method 

4 further comprises allowing the security officer to perform the administrative 

5 function. 

1 40. (Previously presented) The computer-readable storage medium of 

2 claim 33, 



13 
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3 wherein the database system includes a number of sensitive data items; 

4 and 

5 wherein only specific sensitive users are allowed to access a given 

6 sensitive data item. 

1 41 . (Currently amended) An apparatus for managing a database system, 

2 comprising: 

3 a command receiving mechanism that is configured to receive a command 

4 to perform an administrative function involving an object defined within the 

5 database system; 

6 wherein at least one of the plurality of system administrators in a hierarchy 

7 of system administrators is a security officer who can perform administrative 

8 functions on sensitive objects; 

9 wherein aft system administrator in the plurality hierarchy of system 

10 administrators who is not a security officer cannot become a sensitive user and 

1 1 thereby obtain access to sensitive objects indirectly; 

12 an execution mechanism that is configured to, 

1 3 determine if the object is a sensitive object that is 

14 associated with security functions in the database system, 

1 5 allow the administrative function to proceed, if the object is 

16 not a sensitive object, and if the command is received from an 

17 system administrator who is not a security officer, and to 

18 disallow the administrative function, if the object is a 



19 



sensitive object, and if the command is received from an system 



20 administrator who is not a security officer. 

1 42. (Previously presented) The apparatus of claim 4 1 , 

14 
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2 wherein the command receiving mechanism is configured to receive a 

3 request to perform an operation on a data item in the database system; 

4 wherein the execution mechanism is configured to, 

5 allow the operation to proceed, if the data item is a sensitive data item, if 

6 the request is received from a sensitive user who is empowered to access sensitive 

7 data, and if the sensitive user has access rights to the sensitive data item, and to 

8 disallow the operation, if the data item is a sensitive data item, and if the 

9 request is received from a user who is not a sensitive user. 

1 43. (Previously presented) The apparatus of claim 42, further comprising a 



2 decryption mechanism, wherein if the data item is a sensitive data item, if the 

3 operation is allowed to proceed, and if the operation involves retrieval of the data 

4 item, the decryption mechanism is configured to decrypt the data item using an 

5 encryption key after the data item is retrieved 



1 44. (Previously presented) The apparatus of claim 43, wherein the 

2 encryption key is stored along with a table containing the data item. 

1 45. (Previously presented) The apparatus of claim 44, wherein the 

2 encryption key is stored in encrypted form. 

1 46. (Previously presented) The apparatus of claim 4 1 , wherein the 

2 sensitive object can include one of: 

3 a sensitive table containing sensitive data in the database system; 

4 a sensitive row within a table in the database system, wherein the sensitive 

5 row contains sensitive data; and 
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6 an object that represents a sensitive user of the database system who is 

7 empowered to access sensitive data. 



1 47. (Previously presented) The apparatus of claim 41, wherein if the object 

2 is not a sensitive object, and if the command to perform the administrative 

3 function is received from a security officer, the execution mechanism is 

4 configured to allow the security officer to perform the administrative function. 

1 48. (Previously presented) The apparatus of claim 41 , 

2 wherein the database system includes a number of sensitive data items; 

3 and 

4 wherein only specific sensitive users are allowed to access a given 

5 sensitive data item. 
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